pan-os-ansible icon indicating copy to clipboard operation
pan-os-ansible copied to clipboard

Published 20 hours ago verified publisher icon PaloAltoNetworks

Import Keypair for PAN-OS 10.1+

Open jamesholland-uk opened this issue 1 year ago • 1 comments

Is your feature request related to a problem?

Importing a keypair from 10.1+ results in an error. Task:

    - name: Import certificate
      paloaltonetworks.panos.panos_import:
        provider: '{{ device }}'
        category: 'keypair'
        certificate_name: 'local-ca'
        format: 'pkcs12'
        filename: './local-ca.p12'
        passphrase: 'somethingSecret'

Error: fatal: [vmseries-10dot1]: FAILED! => {"changed": false, "msg": "<response status=\"error\"><msg><line>Import of certificate and private-key local-ca failed. private key doesn't exist for csr</line></msg></response>"}

It looks like the XML schema changed in 10.1, and <keypair> is now <key>. GUI debug from 10.0 and 10.1 compared: pan-os-10 1-onwards-xml-change-import-keypair

Describe the solution you'd like

Accommodate all current supported version of PAN-OS for importing certificate keypairs.

Describe alternatives you've considered

N/A

Additional context

N/A

jamesholland-uk avatar Mar 02 '23 11:03 jamesholland-uk

have you found a workaround for that ?

benjamin-rousseau-shift avatar May 03 '23 11:05 benjamin-rousseau-shift